November V-Day – Self-Contained Ruby Payloads

So, last month was our first V-day that we missed. It’s unfortunate, but life happens. We’re sure everyone was quite capable of #avloling without last month’s V-Day, but we’re back this month!

For our November V-Day, we’re happy to release self-contained reverse_http & reverse_https payloads written in Ruby. These payloads are similar to our self-contained python payloads. The meterpreter dll is contained within the executable created by Veil-Evasion. This means that your payload never needs to receive the meterpreter dll over the wire. When the payload connects back to the handler, it is simply registered as an orphaned connection, and quickly establishes a connection with the handler for command and control.

If you have any questions on how these payloads work, feel free to hit us up on Freenode within #veil or on twitter!